Articles about Security

Researchers at password manager NordPass have identified a total of 9,517 unsecured databases containing 10,463,315,645 entries with such data as emails, passwords, and phone numbers.

The databases are found across 20 different countries, with China being at the top of the list -- the country has nearly 4,000 exposed databases. This means that potentially more than 2.6 billion users could have had their accounts breached.

Continue reading →

Digital transformation combined with a shift to more remote working has presented considerable challenges for enterprises when it comes to securing their systems.

One of the technologies being increasingly used to enable remote access is Secure Access Services Edge (SASE). We spoke to Anurag Kahol, CTO and co-founder of cloud security company Bitglass to find out more about SASE and how it can help businesses deliver their transformation projects.

Continue reading →

As more organizations move their operations to the cloud and networks become more fragmented, ensuring safe, secure access to systems becomes more difficult.

Secure access specialist Pulse Secure is launching a new Pulse Zero Trust Access (PZTA) solution. A cloud-based, multi-tenant secure access platform that enables organizations to provide users with easy, anywhere access to multi-cloud and data center applications.

Continue reading →

A new survey of over 300 security professionals reveals that 93 percent feel they lack the tools to detect known security threats, and 92 percent say they are still in need of appropriate preventative solutions to close current security gaps.

The study from security operations center specialist LogRhythm also finds that 75 percent of security professionals now experience more work stress than they did just two years ago.

Continue reading →

Secure Access Service Edge (SASE) technology is increasingly being used to enable secure and fast cloud adoption, helping ensure both users and devices have safe cloud access to applications, data and services from anywhere.

Cybersecurity company Forcepoint is entering this market with a new suite of SASE solutions, including a Cloud Security Gateway and zero trust Private Access features.

Continue reading →

Developers frequently make use of open source components in order to speed up projects and save them having to reinvent tasks. But this can lead to the introduction of hidden security risks.

Now though open source marketplace xs:code is launching a new, free Chrome extension, xs:code Insights, which provides users with intuitive, in-depth analytics on open source repositories, including repository score, security analysis, maintenance and activity status, reviews, ratings and more.

Continue reading →

The DMARC standard for email verification has been around for several years. Domain-based Message Authentication, Reporting and Conformance has the potential to rebuild trust in email communications plagued by spam and phishing.

Google's announcement this week that it's about to start piloting the display of authenticated brand logos in Gmail could mark the start of the technology's mainstream adoption.

Continue reading →

One of the biggest challenges that cybersecurity teams face at the moment is alert noise which can blind them to real threats.

Corporate performance management (CPM) specialist Prophix Software recently chose to adopt a network traffic analysis (NTA) solution to address this issue. We spoke to Kristofer Laxdal, the company's director of information security to discover why it chose invest in NTA technology and what benefits it's seeing.

Continue reading →

Research into changing 'digital comfort zones' during the pandemic shows that 37 percent of millennials think they're too boring to be a victim of cybercrime.

The study from Kaspersky finds that millennials are now spending almost two extra hours online every day and almost half say this has made them more aware of their digital security, with 36 percent saying that they should be doing more to strengthen it.

Continue reading →

The average security operations center (SOC) has considerable room for improvement according to a new report from automation and response platform SIRP Labs.

Almost a third (29 percent) of respondents believe missed alerts due to high volumes are a significant, even a serious, problem. In companies of 1,000-2,500 employees the figure rises to 46 percent.

Continue reading →

With bricks and mortar stores largely shut down for much of the first half of 2020, it’s no real surprise to find that cybercriminals have been targeting eCommerce sites.

New research from IntSights looks at how there has been a rise in cybercriminals targeting eCommerce sites using a variety of attack methods, such as skimming attacks, account takeovers and ransomware.

Continue reading →

Just a week ago, we covered the news that user log files from the VPN service UFO VPN had been exposed. A database of user data appeared online despite the company's claims of having a "strict no-logs policy".

But while security experts took steps to lock down the data and restrict access to it by the middle of this month, earlier this week it transpired that a second, newer UFO VPN database had appeared online, containing even more data. This time, however, hackers came to the rescue with a coordinated "Meow" attack.

Continue reading →

The latest Cyber Threat Report from SonicWall shows a 24 percent drop in malware attacks worldwide, while there’s been a 20 percent jump in ransomware globally and a 109 percent spike in the US.

There's also been a 176 percent increase in malicious Microsoft Office file types and a 50 percent rise in IoT malware attacks as cybercriminals seek to use devices as a backdoor to business networks via home workers.

Continue reading →

A report released today by email security firm Tessian reveals that 43 percent of US and UK employees have made mistakes resulting in cybersecurity repercussions for themselves or their company.

A quarter of employees confess to clicking on links in a phishing email at work, with distraction cited as a top reason for falling for a phishing scam by 47 percent of employees. This is closely followed by the fact that the email 'looked legitimate' (43 percent), with 41 percent saying the phishing email looked like it came from a senior executive or a well-known brand.

Continue reading →

According to a new report, 89 percent of security professionals are most concerned about phishing, web and ransomware attacks, but only 48 percent confirm that they have continuous visibility into these risk areas.

The 2020 Cybersecurity 360 Report from Balbix also shows 64 percent of organizations are only, at best, somewhat confident in their security posture, and that the lack of visibility into security is the primary concern for organizations.

Continue reading →